# [START vpc_firewall_create]
resource "google_compute_firewall" "<%= ctx[:primary_resource_id] %>" {
  project     = "<%= ctx[:test_env_vars]["project"] %>"
  name        = "<%= ctx[:vars]['firewall_name'] %>"
  network     = "default"
  description = "Creates firewall rule targeting tagged instances"

  allow {
    protocol  = "tcp"
    ports     = ["80", "8080", "1000-2000"]
  }
  target_tags = ["web"]
}
# [END vpc_firewall_create]
